def vs_externalname_setup(request, kube_apis, ingress_controller_prerequisites, virtual_server_setup) -> ExternalNameSetup: print( "------------------------- Prepare ExternalName Setup -----------------------------------" ) external_svc_src = f"{TEST_DATA}/virtual-server-externalname/externalname-svc.yaml" external_svc_host = get_external_host_from_service_yaml(external_svc_src) config_map_name = ingress_controller_prerequisites.config_map["metadata"][ "name"] replace_configmap_from_yaml( kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-externalname/nginx-config.yaml") external_svc = create_service_from_yaml(kube_apis.v1, virtual_server_setup.namespace, external_svc_src) wait_before_test(1) ensure_connection_to_public_endpoint( virtual_server_setup.public_endpoint.public_ip, virtual_server_setup.public_endpoint.port, virtual_server_setup.public_endpoint.port_ssl) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) def fin(): print("Clean up ExternalName Setup:") replace_configmap(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, ingress_controller_prerequisites.config_map) request.addfinalizer(fin) return ExternalNameSetup(ic_pod_name, external_svc, external_svc_host)
def external_name_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> ExternalNameSetup: print("------------------------- Deploy External-Name-Example -----------------------------------") ingress_name = create_ingress_from_yaml(kube_apis.extensions_v1_beta1, test_namespace, f"{TEST_DATA}/externalname-services/externalname-ingress.yaml") ingress_host = get_ingress_host_from_yaml(f"{TEST_DATA}/externalname-services/externalname-ingress.yaml") external_host = get_external_host_from_yaml(f"{TEST_DATA}/externalname-services/externalname-svc.yaml") config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/externalname-services/nginx-config.yaml") svc_name = create_service_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/externalname-services/externalname-svc.yaml") ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) def fin(): print("Clean up External-Name-Example:") replace_configmap(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, ingress_controller_prerequisites.config_map) delete_ingress(kube_apis.extensions_v1_beta1, ingress_name, test_namespace) delete_service(kube_apis.v1, svc_name, test_namespace) request.addfinalizer(fin) return ExternalNameSetup(ingress_controller_endpoint, ingress_name, ingress_host, ic_pod_name, svc_name, external_host, test_namespace)
def test_when_annotation_in_configmap_only( self, kube_apis, annotations_setup, ingress_controller_prerequisites, configmap_file, expected_strings, unexpected_strings): initial_events = get_events(kube_apis.v1, annotations_setup.namespace) initial_count = get_event_count(annotations_setup.ingress_event_text, initial_events) print("Case 3: keys in ConfigMap, no annotations in Ingress") replace_ingresses_from_yaml(kube_apis.extensions_v1_beta1, annotations_setup.namespace, annotations_setup.ingress_src_file) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, configmap_file) wait_before_test(1) result_conf = get_ingress_nginx_template_conf( kube_apis.v1, annotations_setup.namespace, annotations_setup.ingress_name, annotations_setup.ingress_pod_name, ingress_controller_prerequisites.namespace) new_events = get_events(kube_apis.v1, annotations_setup.namespace) assert_event_count_increased(annotations_setup.ingress_event_text, initial_count, new_events) for _ in expected_strings: assert _ in result_conf for _ in unexpected_strings: assert _ not in result_conf
def test_ing_overrides_configmap(self, kube_apis, annotations_setup, ingress_controller_prerequisites, annotations, configmap_file, expected_strings, unexpected_strings): initial_events = get_events(kube_apis.v1, annotations_setup.namespace) initial_count = get_event_count(annotations_setup.ingress_event_text, initial_events) print("Case 4: keys in ConfigMap, annotations in Ingress") new_ing = generate_ingresses_with_annotation( annotations_setup.ingress_src_file, annotations) for ing in new_ing: # in mergeable case this will update master ingress only if ing['metadata']['name'] == annotations_setup.ingress_name: replace_ingress(kube_apis.extensions_v1_beta1, annotations_setup.ingress_name, annotations_setup.namespace, ing) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, configmap_file) wait_before_test(1) result_conf = get_ingress_nginx_template_conf( kube_apis.v1, annotations_setup.namespace, annotations_setup.ingress_name, annotations_setup.ingress_pod_name, ingress_controller_prerequisites.namespace) new_events = get_events(kube_apis.v1, annotations_setup.namespace) assert_event_count_increased(annotations_setup.ingress_event_text, initial_count, new_events) for _ in expected_strings: assert _ in result_conf for _ in unexpected_strings: assert _ not in result_conf
def annotations_grpc_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> AnnotationsSetup: print("------------------------- Deploy gRPC Annotations-Example -----------------------------------") create_items_from_yaml(kube_apis, f"{TEST_DATA}/annotations/grpc/annotations-ingress.yaml", test_namespace) ingress_name = get_names_from_yaml(f"{TEST_DATA}/annotations/grpc/annotations-ingress.yaml")[0] ingress_host = get_first_ingress_host_from_yaml(f"{TEST_DATA}/annotations/grpc/annotations-ingress.yaml") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/common/configmap-with-grpc.yaml") ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) event_text = f"Configuration for {test_namespace}/{ingress_name} was added or updated" error_text = f"{event_text}, but not applied: Error reloading NGINX" def fin(): print("Clean up gRPC Annotations Example:") delete_items_from_yaml(kube_apis, f"{TEST_DATA}/annotations/grpc/annotations-ingress.yaml", test_namespace) request.addfinalizer(fin) return AnnotationsSetup(ingress_controller_endpoint, f"{TEST_DATA}/annotations/grpc/annotations-ingress.yaml", ingress_name, ingress_host, ic_pod_name, test_namespace, event_text, error_text)
def fin(): replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml", )
def test_ssl_keys(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, clean_up): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) initial_list = get_events(kube_apis.v1, virtual_server_setup.namespace) print("Step 1: update ConfigMap with valid ssl keys") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-configmap-keys/configmap-ssl-keys.yaml") wait_before_test(1) step_1_events = get_events(kube_apis.v1, virtual_server_setup.namespace) step_1_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) assert_valid_event_emitted(virtual_server_setup, step_1_events, initial_list) assert_ssl_keys(step_1_config) print("Step 2: update ConfigMap with invalid ssl keys") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-configmap-keys/configmap-ssl-keys-invalid.yaml") wait_before_test(1) step_2_events = get_events(kube_apis.v1, virtual_server_setup.namespace) step_2_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) assert_valid_event_count_increased(virtual_server_setup, step_2_events, step_1_events) assert_defaults_of_ssl_keys(step_2_config)
def config_setup(request, kube_apis, ingress_controller_prerequisites) -> None: """ Replace configmap to add "set-real-ip-from" :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_prerequisites: IC pre-requisites """ print(f"------------- Replace ConfigMap --------------") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, test_cm_src, ) def fin(): print(f"------------- Restore ConfigMap --------------") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, std_cm_src, ) request.addfinalizer(fin)
def test_when_option_in_config_map_only(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, restore_configmap, config_map_file, expected_strings, unexpected_strings): text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"Configuration for {text} was added or updated" print(f"Case 3: key specified in ConfigMap, no option in VS") patch_virtual_server_from_yaml(kube_apis.custom_objects, virtual_server_setup.vs_name, f"{TEST_DATA}/virtual-server-upstream-options/standard/virtual-server.yaml", virtual_server_setup.namespace) config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, config_map_file) wait_before_test(1) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) vs_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_event(vs_event_text, vs_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def vs_externalname_setup(request, kube_apis, ingress_controller_prerequisites, virtual_server_setup) -> ExternalNameSetup: print("------------------------- Deploy External-Backend -----------------------------------") external_ns = create_namespace_with_name_from_yaml(kube_apis.v1, "external-ns", f"{TEST_DATA}/common/ns.yaml") external_svc_name = create_service_with_name(kube_apis.v1, external_ns, "external-backend-svc") create_deployment_with_name(kube_apis.apps_v1_api, external_ns, "external-backend") print("------------------------- Prepare ExternalName Setup -----------------------------------") external_svc_src = f"{TEST_DATA}/virtual-server-externalname/externalname-svc.yaml" external_svc_host = f"{external_svc_name}.{external_ns}.svc.cluster.local" config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-externalname/nginx-config.yaml") external_svc = create_service_from_yaml(kube_apis.v1, virtual_server_setup.namespace, external_svc_src) wait_before_test(2) ensure_connection_to_public_endpoint(virtual_server_setup.public_endpoint.public_ip, virtual_server_setup.public_endpoint.port, virtual_server_setup.public_endpoint.port_ssl) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) ensure_response_from_backend(virtual_server_setup.backend_1_url, virtual_server_setup.vs_host) def fin(): print("Clean up ExternalName Setup:") delete_namespace(kube_apis.v1, external_ns) replace_configmap(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, ingress_controller_prerequisites.config_map) request.addfinalizer(fin) return ExternalNameSetup(ic_pod_name, external_svc, external_svc_host)
def test_v_s_r_overrides_config_map(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup, options, expected_strings, unexpected_strings): req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" vsr_s_event_text = f"Configuration for {text_s} was added or updated" vsr_m_event_text = f"Configuration for {text_m} was added or updated" events_ns_m = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) events_ns_s = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) initial_count_vsr_m = get_event_count(vsr_m_event_text, events_ns_m) initial_count_vsr_s = get_event_count(vsr_s_event_text, events_ns_s) print(f"Case 4: key specified in ConfigMap, option specified in VS") new_body_m = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-route-upstream-options/route-multiple.yaml", options) new_body_s = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-route-upstream-options/route-single.yaml", options) patch_v_s_route(kube_apis.custom_objects, v_s_route_setup.route_m.name, v_s_route_setup.route_m.namespace, new_body_m) patch_v_s_route(kube_apis.custom_objects, v_s_route_setup.route_s.name, v_s_route_setup.route_s.namespace, new_body_s) config_map_name = ingress_controller_prerequisites.config_map[ "metadata"]["name"] replace_configmap_from_yaml( kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-route-upstream-options/configmap-with-keys.yaml" ) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) vsr_s_events = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vsr_m_events = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) assert_event_count_increased(vsr_m_event_text, initial_count_vsr_m, vsr_m_events) assert_event_count_increased(vsr_s_event_text, initial_count_vsr_s, vsr_s_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def fin(): print("Clean up Custom Annotations Example:") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_items_from_yaml(kube_apis, ing_src, test_namespace)
def fin(): print(f"------------- Restore ConfigMap --------------") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, std_cm_src, )
def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, app_name, test_namespace)
def vsr_externalname_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint) -> ReducedVirtualServerRouteSetup: """ Prepare an example app for Virtual Server Route. 1st namespace with externalName svc and VS+VSR. :param request: internal pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: :param ingress_controller_prerequisites: :return: """ vs_routes_ns = get_route_namespace_from_vs_yaml( f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") ns_1 = create_namespace_with_name_from_yaml(kube_apis.v1, vs_routes_ns[0], f"{TEST_DATA}/common/ns.yaml") print("------------------------- Deploy External-Backend -----------------------------------") external_ns = create_namespace_with_name_from_yaml(kube_apis.v1, "external-ns", f"{TEST_DATA}/common/ns.yaml") external_svc_name = create_service_with_name(kube_apis.v1, external_ns, "external-backend-svc") create_deployment_with_name(kube_apis.apps_v1_api, external_ns, "external-backend") print("------------------------- Deploy Virtual Server -----------------------------------") vs_name = create_virtual_server_from_yaml(kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml", ns_1) vs_host = get_first_vs_host_from_yaml(f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") print("------------------------- Deploy Virtual Server Route -----------------------------------") vsr_name = create_v_s_route_from_yaml(kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/route-single.yaml", ns_1) vsr_paths = get_paths_from_vsr_yaml(f"{TEST_DATA}/{request.param['example']}/route-single.yaml") route = VirtualServerRoute(ns_1, vsr_name, vsr_paths) print("---------------------- Deploy ExternalName service and update ConfigMap ----------------------------") config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/{request.param['example']}/nginx-config.yaml") external_svc_host = f"{external_svc_name}.{external_ns}.svc.cluster.local" svc_name = create_service_from_yaml(kube_apis.v1, ns_1, f"{TEST_DATA}/{request.param['example']}/externalname-svc.yaml") wait_before_test(2) req_url = f"http://{ingress_controller_endpoint.public_ip}:{ingress_controller_endpoint.port}" ensure_response_from_backend(f"{req_url}{route.paths[0]}", vs_host) def fin(): print("Delete test namespaces") delete_namespace(kube_apis.v1, external_ns) delete_namespace(kube_apis.v1, ns_1) request.addfinalizer(fin) return ReducedVirtualServerRouteSetup(ingress_controller_endpoint, ns_1, vs_host, vs_name, route, svc_name, external_svc_host)
def fin(): print("Clean up Annotations Example:") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis.v1, kube_apis.apps_v1_api, common_app, test_namespace) delete_items_from_yaml(kube_apis, f"{TEST_DATA}/annotations/{request.param}/annotations-ingress.yaml", test_namespace)
def fin(): print(f"------------- Restore ConfigMap --------------") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, std_cm_src, ) write_to_json(f"reload-{get_test_file_name(request.node.fspath)}.json", reload_times)
def backend_setup(request, kube_apis, ingress_controller_prerequisites, test_namespace): """ Replace the ConfigMap and deploy the secret. :param request: pytest fixture :param kube_apis: client apis :param test_namespace: """ app_name = request.param.get("app_type") try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) cm_source = f"{TEST_DATA}/virtual-server-grpc/nginx-config.yaml" replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, cm_source) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/virtual-server-grpc/tls-secret.yaml" create_secret_from_yaml(kube_apis.v1, test_namespace, src_sec_yaml) print( "------------------------- Deploy App -----------------------------" ) app_name = request.param.get("app_type") create_example_app(kube_apis, app_name, test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) except Exception as ex: print("Failed to complete setup, cleaning up..") delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, app_name, test_namespace) pytest.fail(f"VS GRPC setup failed") def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_common_app(kube_apis, app_name, test_namespace) request.addfinalizer(fin)
def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml")
def test_when_option_in_config_map_only( self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, v_s_route_setup, v_s_route_app_setup, restore_configmap, config_map_file, expected_strings, unexpected_strings): req_url = f"http://{v_s_route_setup.public_endpoint.public_ip}:{v_s_route_setup.public_endpoint.port}" text_s = f"{v_s_route_setup.route_s.namespace}/{v_s_route_setup.route_s.name}" text_m = f"{v_s_route_setup.route_m.namespace}/{v_s_route_setup.route_m.name}" vsr_s_event_text = f"Configuration for {text_s} was added or updated" vsr_m_event_text = f"Configuration for {text_m} was added or updated" print(f"Case 3: key specified in ConfigMap, no option in VS") patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_m.name, f"{TEST_DATA}/virtual-server-route-upstream-options/route-multiple.yaml", v_s_route_setup.route_m.namespace) patch_v_s_route_from_yaml( kube_apis.custom_objects, v_s_route_setup.route_s.name, f"{TEST_DATA}/virtual-server-route-upstream-options/route-single.yaml", v_s_route_setup.route_s.namespace) config_map_name = ingress_controller_prerequisites.config_map[ "metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, config_map_file) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf( kube_apis.v1, v_s_route_setup.namespace, v_s_route_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(f"{req_url}{v_s_route_setup.route_m.paths[0]}", headers={"host": v_s_route_setup.vs_host}) resp_2 = requests.get(f"{req_url}{v_s_route_setup.route_s.paths[0]}", headers={"host": v_s_route_setup.vs_host}) vsr_s_events = get_events(kube_apis.v1, v_s_route_setup.route_s.namespace) vsr_m_events = get_events(kube_apis.v1, v_s_route_setup.route_m.namespace) assert_event(vsr_m_event_text, vsr_m_events) assert_event(vsr_s_event_text, vsr_s_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def fin(): print("Restore the ClusterRole:") patch_rbac(kube_apis.rbac_v1, f"{DEPLOYMENTS}/rbac/rbac.yaml") print("Remove the DNSEndpoint CRD:") delete_crd( kube_apis.api_extensions_v1, external_dns_crd_name, ) print("Remove the IC:") delete_ingress_controller(kube_apis.apps_v1_api, name, cli_arguments["deployment-type"], namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map["metadata"]["name"], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml", )
def appprotect_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller_prerequisites, test_namespace) -> None: """ Replace the config map, create the TLS secret, deploy grpc application, and deploy all the AppProtect(dataguard-alarm) resources under test in one namespace. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_prerequisites: :param test_namespace: """ policy_method = request.param["policy"] vs_or_vsr = request.param["vs_or_vsr"] vsr = None try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, cm_source) if vs_or_vsr == "vs": (src_pol_name, vs_name, vs_host, vs_paths) = ap_vs_setup(kube_apis, test_namespace, policy_method) elif vs_or_vsr == "vsr": (src_pol_name, vsr_ns, vs_host, vs_name, vsr) = ap_vsr_setup(kube_apis, test_namespace, policy_method) wait_before_test(120) except Exception as ex: cleanup(kube_apis, ingress_controller_prerequisites, src_pol_name, test_namespace, vs_or_vsr, vs_name, vsr) def fin(): print("Clean up:") cleanup(kube_apis, ingress_controller_prerequisites, src_pol_name, test_namespace, vs_or_vsr, vs_name, vsr) request.addfinalizer(fin) if vs_or_vsr == "vs": return VirtualServerSetup(ingress_controller_endpoint, test_namespace, vs_host, vs_name, vs_paths) elif vs_or_vsr == "vsr": return VirtualServerRouteSetup(ingress_controller_endpoint, vsr_ns, vs_host, vs_name, vsr, None)
def test_v_s_overrides_config_map(self, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, restore_configmap, options, expected_strings, unexpected_strings): text = f"{virtual_server_setup.namespace}/{virtual_server_setup.vs_name}" vs_event_text = f"Configuration for {text} was added or updated" events_vs = get_events(kube_apis.v1, virtual_server_setup.namespace) initial_count = assert_event_and_get_count(vs_event_text, events_vs) print(f"Case 4: key in ConfigMap, option specified in VS") new_body = generate_item_with_upstream_options( f"{TEST_DATA}/virtual-server-upstream-options/standard/virtual-server.yaml", options) patch_virtual_server(kube_apis.custom_objects, virtual_server_setup.vs_name, virtual_server_setup.namespace, new_body) config_map_name = ingress_controller_prerequisites.config_map[ "metadata"]["name"] replace_configmap_from_yaml( kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-upstream-options/configmap-with-keys.yaml" ) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) config = get_vs_nginx_template_conf( kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) resp_1 = requests.get(virtual_server_setup.backend_1_url, headers={"host": virtual_server_setup.vs_host}) resp_2 = requests.get(virtual_server_setup.backend_2_url, headers={"host": virtual_server_setup.vs_host}) vs_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_event_count_increased(vs_event_text, initial_count, vs_events) for _ in expected_strings: assert _ in config for _ in unexpected_strings: assert _ not in config assert_response_codes(resp_1, resp_2)
def cleanup(kube_apis, ingress_controller_prerequisites, src_pol_name, test_namespace, vs_or_vsr, vs_name, vsr) -> None: vsr_namespace = test_namespace if vs_or_vsr == "vs" else vsr.namespace replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_ap_policy(kube_apis.custom_objects, ap_pol_name, test_namespace) delete_policy(kube_apis.custom_objects, src_pol_name, vsr_namespace) delete_common_app(kube_apis, "grpc-vs", vsr_namespace) delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) if vs_or_vsr == "vs": delete_virtual_server(kube_apis.custom_objects, vs_name, test_namespace) delete_items_from_yaml(kube_apis, src_vs_sec_yaml, test_namespace) elif vs_or_vsr == "vsr": print("Delete test namespaces") delete_namespace(kube_apis.v1, vsr.namespace)
def custom_annotations_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, test_namespace) -> CustomAnnotationsSetup: ing_type = request.param print( "------------------------- Deploy ConfigMap with custom template -----------------------------------" ) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/custom-annotations/{ing_type}/nginx-config.yaml") print( "------------------------- Deploy Custom Annotations Ingress -----------------------------------" ) ing_src = f"{TEST_DATA}/custom-annotations/{ing_type}/annotations-ingress.yaml" create_items_from_yaml(kube_apis, ing_src, test_namespace) host = get_first_ingress_host_from_yaml(ing_src) ingress_name = get_name_from_yaml(ing_src) wait_before_test(1) ic_pod_name = get_first_pod_name( kube_apis.v1, ingress_controller_prerequisites.namespace) def fin(): print("Clean up Custom Annotations Example:") replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") delete_items_from_yaml(kube_apis, ing_src, test_namespace) request.addfinalizer(fin) return CustomAnnotationsSetup(ingress_controller_endpoint, ingress_name, test_namespace, host, ic_pod_name)
def external_name_setup(request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint, ingress_controller, test_namespace) -> ExternalNameSetup: print("------------------------- Deploy External-Backend -----------------------------------") external_ns = create_namespace_with_name_from_yaml(kube_apis.v1, "external-ns", f"{TEST_DATA}/common/ns.yaml") external_svc_name = create_service_with_name(kube_apis.v1, external_ns, "external-backend-svc") create_deployment_with_name(kube_apis.apps_v1_api, external_ns, "external-backend") print("------------------------- Deploy External-Name-Example -----------------------------------") ingress_name = create_ingress_from_yaml(kube_apis.networking_v1, test_namespace, f"{TEST_DATA}/externalname-services/externalname-ingress.yaml") ingress_host = get_first_ingress_host_from_yaml(f"{TEST_DATA}/externalname-services/externalname-ingress.yaml") external_host = f"{external_svc_name}.{external_ns}.svc.cluster.local" config_map_name = ingress_controller_prerequisites.config_map["metadata"]["name"] replace_configmap_from_yaml(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/externalname-services/nginx-config.yaml") svc_name = create_service_from_yaml(kube_apis.v1, test_namespace, f"{TEST_DATA}/externalname-services/externalname-svc.yaml") ensure_connection_to_public_endpoint(ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port, ingress_controller_endpoint.port_ssl) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) def fin(): print("Clean up External-Name-Example:") delete_namespace(kube_apis.v1, external_ns) replace_configmap(kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, ingress_controller_prerequisites.config_map) delete_ingress(kube_apis.networking_v1, ingress_name, test_namespace) delete_service(kube_apis.v1, svc_name, test_namespace) request.addfinalizer(fin) return ExternalNameSetup(ingress_controller_endpoint, ingress_name, ingress_host, ic_pod_name, svc_name, external_host, test_namespace)
def test_keys_in_main_config(self, cli_arguments, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, clean_up): wait_before_test(1) ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) initial_list = get_events(kube_apis.v1, virtual_server_setup.namespace) data_file = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys.yaml" data_file_invalid = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys-invalid.yaml" config_path = "/etc/nginx/nginx.conf" print("Step 5: main config: update ConfigMap with valid keys with validation rules") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, data_file) expected_values = get_configmap_fields_from_yaml(data_file) wait_before_test(1) step_5_config = get_file_contents(kube_apis.v1, config_path, ic_pod_name, ingress_controller_prerequisites.namespace) step_5_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_update_event_count_increased(virtual_server_setup, step_5_events, initial_list) assert_keys_with_validation_in_main_config(step_5_config, expected_values) print("Step 6: main config: update ConfigMap with invalid keys") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, data_file_invalid) unexpected_values = get_configmap_fields_from_yaml(data_file_invalid) wait_before_test(1) step_6_config = get_file_contents(kube_apis.v1, config_path, ic_pod_name, ingress_controller_prerequisites.namespace) step_6_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_update_event_count_increased(virtual_server_setup, step_6_events, step_5_events) assert_defaults_of_keys_with_validation_in_main_config(step_6_config, unexpected_values) print("Step 7: main config: special case for hash variables") data_file = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-global-variables.yaml" expected_values = get_configmap_fields_from_yaml(data_file) replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, data_file) wait_before_test(1) step_7_config = get_file_contents(kube_apis.v1, config_path, ic_pod_name, ingress_controller_prerequisites.namespace) step_7_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_not_applied_event_emitted(virtual_server_setup, step_7_events, step_6_events) assert_keys_with_validation_in_main_config(step_7_config, expected_values)
def vsr_externalname_setup( request, kube_apis, ingress_controller_prerequisites, ingress_controller_endpoint) -> ReducedVirtualServerRouteSetup: """ Prepare an example app for Virtual Server Route. 1st namespace with externalName svc and VS+VSR. :param request: internal pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: :param ingress_controller_prerequisites: :return: """ vs_routes_ns = get_route_namespace_from_vs_yaml( f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") ns_1 = create_namespace_with_name_from_yaml(kube_apis.v1, vs_routes_ns[0], f"{TEST_DATA}/common/ns.yaml") print( "------------------------- Deploy Virtual Server -----------------------------------" ) vs_name = create_virtual_server_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml", ns_1) vs_host = get_first_vs_host_from_yaml( f"{TEST_DATA}/{request.param['example']}/standard/virtual-server.yaml") print( "------------------------- Deploy Virtual Server Route -----------------------------------" ) vsr_name = create_v_s_route_from_yaml( kube_apis.custom_objects, f"{TEST_DATA}/{request.param['example']}/route-single.yaml", ns_1) vsr_paths = get_paths_from_vsr_yaml( f"{TEST_DATA}/{request.param['example']}/route-single.yaml") route = VirtualServerRoute(ns_1, vsr_name, vsr_paths) print( "---------------------- Deploy ExternalName service and update ConfigMap ----------------------------" ) config_map_name = ingress_controller_prerequisites.config_map["metadata"][ "name"] replace_configmap_from_yaml( kube_apis.v1, config_map_name, ingress_controller_prerequisites.namespace, f"{TEST_DATA}/{request.param['example']}/nginx-config.yaml") external_svc_src = f"{TEST_DATA}/{request.param['example']}/externalname-svc.yaml" external_svc_name = create_service_from_yaml(kube_apis.v1, route.namespace, external_svc_src) external_svc_host = get_external_host_from_service_yaml(external_svc_src) wait_before_test(2) def fin(): print("Delete test namespace") delete_namespace(kube_apis.v1, ns_1) request.addfinalizer(fin) return ReducedVirtualServerRouteSetup(ingress_controller_endpoint, ns_1, vs_host, vs_name, route, external_svc_name, external_svc_host)
def backend_setup(request, kube_apis, ingress_controller_endpoint, ingress_controller_prerequisites, test_namespace) -> BackendSetup: """ Deploy a simple application and AppProtect manifests. :param request: pytest fixture :param kube_apis: client apis :param ingress_controller_endpoint: public endpoint :param test_namespace: :return: BackendSetup """ try: print( "------------------------- Replace ConfigMap with HTTP2 -------------------------" ) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/appprotect/grpc/nginx-config.yaml") policy = request.param["policy"] print( "------------------------- Deploy backend application -------------------------" ) create_example_app(kube_apis, "grpc", test_namespace) wait_until_all_pods_are_ready(kube_apis.v1, test_namespace) print( "------------------------- Deploy Secret -----------------------------" ) src_sec_yaml = f"{TEST_DATA}/appprotect/appprotect-secret.yaml" create_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) print( "------------------------- Deploy logconf -----------------------------" ) src_log_yaml = f"{TEST_DATA}/appprotect/logconf.yaml" log_name = create_ap_logconf_from_yaml(kube_apis.custom_objects, src_log_yaml, test_namespace) print( f"------------------------- Deploy appolicy: {policy} ---------------------------" ) src_pol_yaml = f"{TEST_DATA}/appprotect/grpc/{policy}.yaml" pol_name = create_ap_policy_from_yaml(kube_apis.custom_objects, src_pol_yaml, test_namespace) print( "------------------------- Deploy Syslog -----------------------------" ) src_syslog_yaml = f"{TEST_DATA}/appprotect/syslog.yaml" create_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) syslog_ep = get_service_endpoint(kube_apis, "syslog-svc", test_namespace) print(syslog_ep) print( "------------------------- Deploy ingress -----------------------------" ) src_ing_yaml = f"{TEST_DATA}/appprotect/grpc/ingress.yaml" create_ingress_with_ap_annotations(kube_apis, src_ing_yaml, test_namespace, policy, "True", "True", f"{syslog_ep}:514") ingress_host = get_first_ingress_host_from_yaml(src_ing_yaml) wait_before_test(40) except Exception as ex: print("Failed to complete setup, cleaning up..") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") pytest.fail(f"AP GRPC setup failed") def fin(): print("Clean up:") delete_items_from_yaml(kube_apis, src_syslog_yaml, test_namespace) delete_items_from_yaml(kube_apis, src_ing_yaml, test_namespace) delete_ap_policy(kube_apis.custom_objects, pol_name, test_namespace) delete_ap_logconf(kube_apis.custom_objects, log_name, test_namespace) delete_common_app(kube_apis, "grpc", test_namespace) delete_items_from_yaml(kube_apis, src_sec_yaml, test_namespace) replace_configmap_from_yaml( kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{DEPLOYMENTS}/common/nginx-config.yaml") request.addfinalizer(fin) return BackendSetup(ingress_host, ingress_controller_endpoint.public_ip, ingress_controller_endpoint.port_ssl)
def test_keys(self, cli_arguments, kube_apis, ingress_controller_prerequisites, crd_ingress_controller, virtual_server_setup, clean_up): ic_pod_name = get_first_pod_name(kube_apis.v1, ingress_controller_prerequisites.namespace) initial_list = get_events(kube_apis.v1, virtual_server_setup.namespace) print("Step 1: update ConfigMap with valid keys without validation rules") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-configmap-keys/configmap-no-validation-keys.yaml") expected_values = get_configmap_fields_from_yaml( f"{TEST_DATA}/virtual-server-configmap-keys/configmap-no-validation-keys.yaml") wait_before_test(1) step_1_events = get_events(kube_apis.v1, virtual_server_setup.namespace) step_1_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) assert_valid_event_emitted(virtual_server_setup, step_1_events, initial_list) assert_keys_without_validation(step_1_config, expected_values) print("Step 2: update ConfigMap with invalid keys without validation rules") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, f"{TEST_DATA}/virtual-server-configmap-keys/configmap-no-validation-keys-invalid.yaml") expected_values = get_configmap_fields_from_yaml( f"{TEST_DATA}/virtual-server-configmap-keys/configmap-no-validation-keys-invalid.yaml") wait_before_test(1) step_2_events = get_events(kube_apis.v1, virtual_server_setup.namespace) step_2_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) assert_invalid_event_emitted(virtual_server_setup, step_2_events, step_1_events) assert_keys_without_validation(step_2_config, expected_values) # to cover the OSS case, this will be changed in the future if cli_arguments['ic-type'] == "nginx-ingress": data_file = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys-oss.yaml" data_file_invalid = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys-invalid-oss.yaml" else: data_file = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys.yaml" data_file_invalid = f"{TEST_DATA}/virtual-server-configmap-keys/configmap-validation-keys-invalid.yaml" print("Step 3: update ConfigMap with valid keys with validation rules") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, data_file) expected_values = get_configmap_fields_from_yaml(data_file) wait_before_test(1) step_3_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) step_3_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_valid_event_count_increased(virtual_server_setup, step_3_events, step_2_events) assert_keys_with_validation(step_3_config, expected_values) # to cover the OSS case, this will be changed in the future if cli_arguments['ic-type'] == "nginx-ingress": assert_specific_keys_for_nginx_oss(step_3_config, expected_values) else: assert_specific_keys_for_nginx_plus(step_3_config, expected_values) print("Step 4: update ConfigMap with invalid keys") replace_configmap_from_yaml(kube_apis.v1, ingress_controller_prerequisites.config_map['metadata']['name'], ingress_controller_prerequisites.namespace, data_file_invalid) expected_values = get_configmap_fields_from_yaml(data_file_invalid) wait_before_test(1) step_4_config = get_vs_nginx_template_conf(kube_apis.v1, virtual_server_setup.namespace, virtual_server_setup.vs_name, ic_pod_name, ingress_controller_prerequisites.namespace) step_4_events = get_events(kube_apis.v1, virtual_server_setup.namespace) assert_valid_event_count_increased(virtual_server_setup, step_4_events, step_3_events) assert_defaults_of_keys_with_validation(step_4_config, expected_values)